Live disclosure tracker · updated continuously

2026 Data Breaches Year-to-Date

2026 continues the year-over-year growth trend in confirmed disclosures. The list below updates as new breaches are reported by Verizon DBIR partners and major security news outlets.

98B+
Records Exposed
1001
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 2026 Index

2026 Data Breaches Year-to-Date (1001 indexed)

critical · tech · Apr 20, 2026

JetBrains TeamCity

JetBrains TeamCity Relative Path Traversal Vulnerability — JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be performed. — (Known ransomware-campaign exploita

View incident → Original disclosure Indexed 2 months, 3 weeks ago
high · retail · Apr 17, 2026

Amtrak

2,147,679 records exposed — Email addresses, Names, Physical addresses, Support tickets

View incident → Indexed 3 months ago
critical · education · Apr 16, 2026

McGraw Hill

13,500,136 records exposed — Email addresses, Names, Phone numbers, Physical addresses

View incident → Indexed 3 months ago
high · tech · Apr 16, 2026

Apache ActiveMQ

Apache ActiveMQ Improper Input Validation Vulnerability — Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection.

high · tech · Apr 14, 2026

Microsoft SharePoint Server

Microsoft SharePoint Server Improper Input Validation Vulnerability — Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a networ

high · tech · Apr 14, 2026

Microsoft Office

Microsoft Office Remote Code Execution — Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially craft

high · tech · Apr 13, 2026

Fortinet FortiClient EMS

Fortinet FortiClient EMS SQL Injection Vulnerability — Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically

critical · tech · Apr 13, 2026

Microsoft Exchange Server

Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability — Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution. —

high · tech · Apr 13, 2026

Microsoft Windows

Microsoft Windows Out-of-Bounds Read Vulnerability — Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation

high · retail · Apr 12, 2026

Hallmark

1,736,520 records exposed — Email addresses, Names, Phone numbers, Physical addresses and 1 more

View incident → Indexed 3 months ago
medium · tech · Apr 8, 2026

My Lovely AI

106,271 records exposed — Email addresses, Social media profiles

View incident → Indexed 3 months, 1 week ago
high · tech · Apr 6, 2026

Fortinet FortiClient EMS

Fortinet FortiClient EMS Improper Access Control Vulnerability — Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or comma

View incident → Original disclosure Indexed 3 months, 1 week ago
high · tech · Apr 4, 2026

SongTrivia2

291,739 records exposed — Auth tokens, Avatars, Email addresses, Names and 2 more

View incident → Indexed 3 months, 1 week ago
high · tech · Apr 2, 2026

TrueConf Client

TrueConf Client Download of Code Without Integrity Check Vulnerability — TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path ca

View incident → Original disclosure Indexed 3 months, 2 weeks ago
high · tech · Apr 1, 2026

Google Dawn

Google Dawn Use-After-Free Vulnerability — Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML pag

View incident → Original disclosure Indexed 3 months, 2 weeks ago